The invention disclosed herein relates generally to metering systems that generate keys for use in producing cryptographically secure information. More particularly, this invention is directed to metering systems that delay generation of meter security parameters that are associated with cryptographic keys in order to lessen memory burden on the metering system.
Postage meters are conventional devices that are used to print an indication of dispensed postage value on a mailpiece. The indication of dispensed postage value is typically in the form of a postage indicium and may include, in addition to the postage value, a date and/or time the postage indicium was printed, a meter serial number, a mailed from zip code, and cryptographically secure data that can be used by the postal authority to verify the authenticity of the postage indicium. The cryptographically secure data is calculated by the metering system using keys that are generated by the metering system. Accordingly in order for the postage indicium to be verified, the party performing the verification must have the capability of obtaining the metering system key (secret key system) or a corresponding public key (public key system).
The United States Postal Service (USPS) has developed draft specifications based on a public key system for the generation of cryptographically secure postage indicium that can be verified as being authentic. These specifications require that a postage meter generate its own public/private key pair. This key pair must be changed periodically and the newly generated public key registered with the USPS. Unfortunately, the newly generated private and public keys cannot be used by the postage meter until the new public key is registered with a certificate authority (i.e. the USPS or its designated certificate authority). However, the registration process does not occur in real time. As a result, a postage meter must maintain the cryptographic parameters for two key pairs during the period of time from when a new key pair has been generated until notification of successful registration of the new public key has been received at the postage meter. Where postage meter vaults using smart card chips are used (for example in either low cost or portable vault applications), an extra burden is placed on the smart card chip by requiring additional non-volatile memory (which is at a premium in smart card chip and similar devices) for the storage of two sets of cryptographic parameters. Accordingly, there is a need for a method and associated apparatus that lessens the memory burden on the vault structure while accommodating the process for registering newly generated keys.
The present invention overcomes the problems discussed above in connection with conventional postage metering systems by providing a method for using cryptographic parameters in a postage meter for securing postage indicium data that includes the steps of generating in the postage meter 1) first cryptographic parameters which are useable in conjunction with second cryptographic parameters by the postage meter to cryptographically secure postage indicium data and 2) a cryptographic key; storing the first cryptographic parameters but not the second cryptographic parameters in the postage meter during the registering of the cryptographic key with a certificate authority; receiving at the postage meter notification that the cryptographic key has been registered with the certificate authority; and subsequent to receiving the notification generating and storing the second cryptographic parameters in the postage meter such that the first and second cryptographic parameters are both stored in the postage meter for use in cryptographically securing postage indicium data.